Keep knowledgeable with free updates
Merely signal as much as the Cyber Safety myFT Digest — delivered on to your inbox.
Qantas is investigating whether or not a hacking group that focused UK retailer Marks and Spencer this yr was behind a cyber assault that breached a database containing the non-public particulars of 6mn of the Australian airline’s clients.
The corporate stated the hackers focused considered one of its name centres on Monday and gained entry to a third-party customer support platform. Qantas stated it was doubtless {that a} “vital” quantity of private information had been extracted from the database, which contained buyer names, e mail addresses, cellphone numbers, start dates and frequent flyer particulars.
The database didn’t include monetary info, equivalent to bank card numbers, that are saved on totally different servers, stated Qantas.
The assault comes days after the FBI warned that there have been indicators the “Scattered Spider” cyber legal group had began to focus on the worldwide airline sector.
“They aim massive companies and their third-party IT suppliers, which suggests anybody within the airline ecosystem, together with trusted distributors and contractors, might be in danger,” the FBI stated in an alert final week. It warned that extortion makes an attempt have been usually made after delicate info was stolen.
The warning adopted latest cyber assaults on Hawaiian Airways and Canada’s WestJet.
Scattered Spider is reported to be behind numerous high-profile information breaches, together with these of M&S and MGM Casinos. It has gained a status for efficient subterfuge methods equivalent to impersonating employees at firms to trick IT departments into offering entry to programs.
Qantas, Australia’s largest airline, stated it had moved shortly to safe its programs. It has alerted the Australian Federal Police, in addition to different authorities businesses, and can contact affected clients.
Vanessa Hudson, chief government, stated: “We sincerely apologise to our clients and we recognise the uncertainty it will trigger. Our clients belief us with their private info and we take that duty critically.”
Qantas shares dropped 3.6 per cent after it revealed the hack on Wednesday.
The airline is the most recent Australian firm to be affected by a cyber assault, with telecoms firm Optus, healthcare supplier Medibank Non-public, numerous Australian pension funds and port operator DP World all hit previously three years.
